Tech firm Twitter has increased security for candidates and key figures in the upcoming US election by activating extra account protection.
Several Twitter accounts related to the US election will be subjected to immediate changes to improve their security. The tech company will be adding “proactive internal security safeguards” for a much wider range of high-profile election-related accounts.
Twitter’s additional safeguards
In the coming weeks, Twitter said it would increase security for election-related accounts, including the Executive Branch, including the president and vice-president, the Congress, both the House of Representatives and the Senate, governors and secretaries of state, presidential campaigns, political parties and candidates, as well as significant news outlets and political journalists.
Those accounts will begin receiving in-app notifications of immediate changes on the user’s side starting this week.
Twitter will require these users to use a strong password and those who do not meet the platform’s standards will be required to change it the next time they log in. By default, all those accounts will have had password reset protection enabled.
Password reset protection means the user needs to confirm the email address and password on record to be able to reset their password.
Enabling cele will also be encouraged but not required.
Most recent hacking incident at Twitter
Last July, Twitter said 130 accounts were targeted by hackers in the Bitcoin scam, including those of Barack Obama, Elon Musk, and Bill Gates.
Several prominent US accounts were compromised to promote a cryptocurrency scam due to an attack by hackers on some of its employees with access to the company’s internal tools.
Twitter’s support team said: “We detected what we believe to be a coordinated social engineering attack by people who successfully targeted some of our employees with access to internal systems and tools.”
The hackers were able to bypass account security by somehow gaining access to Twitter’s own internal administration tools.
The affected accounts include those of former President Barack Obama, Kanye West, Kim Kardashian West, Warren Buffett, Jeff Bezos and Mike Bloomberg. The accounts posted similar tweets soliciting donations via Bitcoin to their verified profiles.
Gates’ tweet read: “Everyone is asking me to give back, and now is the time. I am doubling all payments sent to my BTC address for the next 30 minutes. You send $1,000, I send you back $2,000…Only going on for 30 minutes! Enjoy!”
A spokesperson for Gates stated: “We can confirm that this tweet was not sent by Bill Gates. This appears to be part of a larger issue that Twitter is facing. Twitter is aware and working to restore the account.”
Despite being one of the most prominent Twitter users, President Donald Trump was unaffected by the attack.
According to social media firm, its employees were targeted by a spear-phishing scam through their phones that enable the hackers to gain information and access to the celebrity accounts.
Spear-phishing refers to a targeted attack designed to trick people into handing out information such as passwords. This enabled the attackers not only to tweet from the verified accounts to promote the Bitcoin scam but also gave them access to private direct messages.
The hacking incident has raised concerns about how much access Twitter employees have to user accounts. The firm acknowledged these concerns and claimed that it was “taking a hard look” at how it could improve its permissions and processes.
Twitter stated: “Access to these tools is strictly limited and is only granted for valid business reasons.”
The company also explained that while some of the employees targeted by the spear-phishing attack did not have access to the in-house tools, they did have access to the internal network and other systems.